﻿<!--#include file="../lib/base.asp"-->
<!--#include file="../theme.asp"-->
<%
	sdcms.checkuserlogin
	dim act:act=lcase(sdcms.fget("act",0))
	select case act
		case "db":checkdb()
		case else
			sdcms.show theme_userexchange,""
	end select
	
	sub checkdb()
		dim t0,t1
		t0=sdcms.getint(sdcms.fpost("t0",0),0)
		t1=sdcms.enhtml(sdcms.fpost("t1",0))
		if t0<=0 then
			sdcms.ajaxjson "&#26368;&#20302;&#20817;&#25442;&#37329;&#39069;&#20026;&#49;&#20803;",0
			exit sub
		end if
		if sdcms.strlen(t1)=0 then
			sdcms.ajaxjson "&#35831;&#36755;&#20837;&#23494;&#30721;",0
			exit sub
		end if
		dim userdata,userid
		userdata=sdcms.userinfo
		userid=userdata(0)
		if md5(t1)<>userdata(2) then
			sdcms.ajaxjson "&#30331;&#24405;&#23494;&#30721;&#38169;&#35823;",0
			exit sub
		end if
		'获得当前用户金额，积分
		dim data,amount,point,groupid,allowupgrade
		data=sdcms.db.dbload(1,"amount,point,groupid,(select allowupgrade from sd_user_group where id=sd_user.groupid)","sd_user","id="&userid&"","")
		amount=data(0,0)
		point=data(1,0)
		groupid=data(2,0)
		allowupgrade=data(3,0)
		if amount=0 then
			sdcms.ajaxjson "&#36134;&#25143;&#37329;&#39069;&#19981;&#36275;&#65292;&#26080;&#27861;&#20817;&#25442;",0
			exit sub
		end if
		if amount<t0 then
			sdcms.ajaxjson "&#20817;&#25442;&#37329;&#39069;&#19981;&#33021;&#22823;&#20110;"&amount,0
			exit sub
		end if
		dim namount,npoint
		namount=amount-t0
		npoint=point+t0*sdcms.getsys("str_exchange")
		'更新用户数据库，写入财务/积分记录数据库，调用积分变更函数
		sdcms.db.dbupdate "sd_user","id="&userid&"",array(array("amount",namount,10,0),array("point",npoint,10,0))
		sdcms.createusermoney array(array("amount",t0,0,0),array("userid",userid,0,0),array("type",2,0,0),array("content","积分兑换，花费："&sdcms.getnum(t0)&"元",0,1),array("createdate",sqltime,0,0))
		sdcms.db.insert "sd_user_point",array(array("point",t0*sdcms.getsys("str_exchange"),0,0),array("userid",userid,0,0),array("type",1,0,0),array("content","积分兑换，花费："&sdcms.getnum(t0)&"元",0,1),array("createdate",sqltime,0,0))
		if allowupgrade=1 then sdcms.userupgrade npoint,groupid,userid
		sdcms.ajaxjson "&#31215;&#20998;&#20817;&#25442;&#25104;&#21151;",1
		
	end sub
	sdcms.db.dbclose
%>